connect.bakertilly.com Open in urlscan Pro
34.237.219.119 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/...
Submission: On February 01 via api (February 1st 2023, 6:37:50 pm UTC) from US — Scanned from DE

Summary HTTP 50 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 22 domains to perform 50 HTTP transactions. The main IP is 34.237.219.119, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is connect.bakertilly.com. The Cisco Umbrella rank of the primary domain is 473150.
TLS certificate: Issued by R3 on January 10th 2023. Valid for: 3 months.

This is the only time connect.bakertilly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9 10	34.237.219.119 34.237.219.119	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:805::200a	15169 (GOOGLE) (GOOGLE)
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	2600:9000:223... 2600:9000:223d:7c00:d:7e9b:1200:93a1	() ()
2	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
1	13.32.99.22 13.32.99.22	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3037::6815:2d74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:808::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:7200:13:5e7f:45c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211a:2c00:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.29.227.173 52.29.227.173	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	35.225.249.69 35.225.249.69	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2 8	2600:9000:20e... 2600:9000:20eb:3600:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:e2:... 2606:4700:e2::ac40:8e22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.224.189.30 13.224.189.30	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:220... 2600:9000:2204:e600:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	18.197.172.107 18.197.172.107	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:cece:1b07:77bd:8fc3	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
50	27

10 34.237.219.119 (Ashburn, United States) 9 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-219-119.compute-1.amazonaws.com

connect.bakertilly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:805::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:223d:7c00:d:7e9b:1200:93a1 (United States)

ASN- ()

storage.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-22.fra60.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:2d74 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.calibermind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:7200:13:5e7f:45c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.metarouter.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211a:2c00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.227.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-227-173.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.225.249.69 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 69.249.225.35.bc.googleusercontent.com

e.metarouter.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:20eb:3600:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8e22 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-30.fra2.r.cloudfront.net

analytics-sm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:e600:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.172.107 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-172-107.eu-central-1.compute.amazonaws.com

35627.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:cece:1b07:77bd:8fc3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	bakertilly.com 9 redirects connect.bakertilly.com — Cisco Umbrella Rank: 473150	13 KB
9	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2416 d.adroll.com — Cisco Umbrella Rank: 1473	82 KB
9	pardot.com storage.pardot.com — Cisco Umbrella Rank: 8721	59 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 295 fonts.googleapis.com — Cisco Umbrella Rank: 34	99 KB
3	metarouter.io cdn.metarouter.io — Cisco Umbrella Rank: 44391 e.metarouter.io — Cisco Umbrella Rank: 57447	87 KB
3	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4428 buttons-config.sharethis.com — Cisco Umbrella Rank: 5738 l.sharethis.com — Cisco Umbrella Rank: 4655	46 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 359	72 KB
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 353 px4.ads.linkedin.com — Cisco Umbrella Rank: 6074	1 KB
2	analytics-sm.com analytics-sm.com — Cisco Umbrella Rank: 15364	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4504	612 B
1	google.de www.google.de — Cisco Umbrella Rank: 5986	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	408 B
1	siteimproveanalytics.io 35627.global.siteimproveanalytics.io — Cisco Umbrella Rank: 686634	479 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	354 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 814	376 B
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 3062	12 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 707	5 KB
1	gstatic.com fonts.gstatic.com	32 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	70 KB
1	calibermind.com cdn.calibermind.com — Cisco Umbrella Rank: 103838	1 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 5353	280 B
50	22

	Domain	Requested by
10	connect.bakertilly.com	9 redirects connect.bakertilly.com
9	storage.pardot.com	connect.bakertilly.com storage.pardot.com
8	s.adroll.com	2 redirects www.googletagmanager.com connect.bakertilly.com s.adroll.com
3	cdn.jsdelivr.net	connect.bakertilly.com
2	analytics-sm.com	connect.bakertilly.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	e.metarouter.io	cdn.metarouter.io
2	fonts.googleapis.com	connect.bakertilly.com
2	ajax.googleapis.com	connect.bakertilly.com
1	ws.zoominfo.com	connect.bakertilly.com
1	www.google.de	connect.bakertilly.com
1	www.google.com	connect.bakertilly.com
1	d.adroll.com	s.adroll.com
1	35627.global.siteimproveanalytics.io	connect.bakertilly.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	connect.bakertilly.com
1	px.ads.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	siteimproveanalytics.com	connect.bakertilly.com
1	snap.licdn.com	connect.bakertilly.com
1	fonts.gstatic.com	fonts.googleapis.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	cdn.metarouter.io	connect.bakertilly.com
1	www.googletagmanager.com	connect.bakertilly.com
1	cdn.calibermind.com	connect.bakertilly.com
1	platform-api.sharethis.com	connect.bakertilly.com
1	bit.ly	1 redirects
50	28

This site contains links to these domains. Also see Links.

Domain
www.bakertilly.com
careers.bakertilly.com
www.facebook.com
www.instagram.com
www.linkedin.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
connect.bakertilly.com R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
sharethis.com Amazon	`2022-06-19` - `2023-07-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
metarouter.io Amazon	`2022-06-01` - `2023-06-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
e.metarouter.io Sectigo RSA Domain Validation Secure Server CA	`2022-01-26` - `2023-02-26`	a year	crt.sh
s.adroll.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.analytics-sm.com Amazon	`2022-06-17` - `2023-07-16`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.global.r1.siteimproveanalytics.io Amazon	`2022-09-09` - `2023-10-08`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-04-21` - `2023-04-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623
Frame ID: 581F6815B848DC8066D1C726043B9329
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FacebookInstagramlinkedin-boxTwitterYouTube

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

50
Requests

68 %
HTTPS

71 %
IPv6

22
Domains

28
Subdomains

27
IPs

4
Countries

595 kB
Transfer

2211 kB
Size

15
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bakertilly.com/

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/page/about-us
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/contact/offices
Title: Locations

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/insights
Title: Insights

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/industries
Title: Industries

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/services
Title: Services

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/contact?utm_source=footer&utm_medium=web
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://careers.bakertilly.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/contact/directory
Title: Professionals

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/page/legal-and-privacy
Title: Legal & Privacy

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/events
Title: Events

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/page/client-portal
Title: Client Portals

Search URL Search Domain Scan URL

URL: https://www.bakertilly.com/page/pay-invoice
Title: Pay Invoice

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bakertillyus
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bakertillyus/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bakertillyus/
Title: linkedin-box

Search URL Search Domain Scan URL

URL: https://twitter.com/bakertillyus
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/bakertillyus
Title: YouTube

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://bit.ly/3IcPekd HTTP 301
https://connect.bakertilly.com/l/870811/2021-01-21/5rdcn1/870811/1638473609JQL8V7Pw/btCommon.js HTTP 302
https://storage.pardot.com/870811/1670948981aKdLVlK8/btCommon.js

Request Chain 5

https://connect.bakertilly.com/btpdotlp2022 HTTP 302
https://storage.pardot.com/870811/1670948300Hzjlbtvp/BT_pdotlp_2022.css

Request Chain 6

https://connect.bakertilly.com/btpdotpc2022 HTTP 302
https://storage.pardot.com/870811/1662482867nzBScwKo/BT_pdotpref_2022.css

Request Chain 8

https://connect.bakertilly.com/l/870811/2020-06-18/5psfgd/870811/139427/css_versioning.js HTTP 302
https://storage.pardot.com/870811/139427/css_versioning.js

Request Chain 9

https://connect.bakertilly.com/btlogo2022 HTTP 302
https://storage.pardot.com/870811/1659977712lzvRWHuE/bt_logo_w_150.png

Request Chain 10

https://connect.bakertilly.com/l/870811/2022-08-09/5x5sxv/870811/1660076998DPVsTVQ7/footer_forbes_logo_gray.png HTTP 302
https://storage.pardot.com/870811/1660076998DPVsTVQ7/footer_forbes_logo_gray.png

Request Chain 19

https://connect.bakertilly.com/btpdotlp2022?v=1675276665953 HTTP 302
https://storage.pardot.com/870811/1670948300Hzjlbtvp/BT_pdotlp_2022.css

Request Chain 21

https://connect.bakertilly.com/btpdotpc2022?v=1675276665953 HTTP 302
https://storage.pardot.com/870811/1662482867nzBScwKo/BT_pdotpref_2022.css

Request Chain 26

https://connect.bakertilly.com/footerbg HTTP 302
https://storage.pardot.com/870811/1660068933OT5fpaKQ/bg_footer_growth_symbol.png

Request Chain 35

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1675276666434&url=https%3A%2F%2Fconnect.bakertilly.com%2FlistUnsubscribeHeader%2Fu%2F870811%2Fb137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162%2F829643623 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1675276666434&url=https%3A%2F%2Fconnect.bakertilly.com%2FlistUnsubscribeHeader%2Fu%2F870811%2Fb137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162%2F829643623&e_ipv6=AQK0uAuHq-MoBgAAAYYORUcKbt5-Tp4H7tg97YLg6l0oGRKeyKb3A9Q02i3OVPSs1DU6J4A

Request Chain 37

https://s.adroll.com/j/exp/ZIA6BVWR65BBXJT4LUM5OD/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 38

https://s.adroll.com/j/pre/ZIA6BVWR65BBXJT4LUM5OD/M2D4OQML3VET7J34M5WQS5/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 829643623 Show response
connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/ 19 KB
7 KB 505ms
185ms Document
text/html 34.237.219.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-219-119.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: c66cff9be72723425aa7ba3b5b8c80b38401ddc48529701322c80fddef775133

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 6931
Content-Type: text/html; charset=utf-8
Date: Wed, 01 Feb 2023 18:37:45 GMT
Server: PardotServer
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
pragma: no-cache
referrer-policy: no-referrer
vary: Accept-Encoding,User-Agent
x-pardot-rsp: 0/0/1
x-robots-tag: nofollow, noindex

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
25 KB 150ms
65ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://connect.bakertilly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:37:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size: 22977
age: 46173
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19122-FRA, cache-yyz4533-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKnWah2h6oy5sr9UR9j7g25FdK0UfApNwWGW96hwMbTsbauND5LqQRtH1MHbJhmUkKzQDpzZEbMrnGkDwH1y3EWhopjjNO%2BYBfLoSJCSirWvQMg4cHHUbLn%2FXVl7MHZfKYAkD4GDXwTdrxjX7ow%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 792cccd7feb03730-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
30 KB 251ms
116ms Script
text/javascript 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 09:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 09:30:36 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 248 KB
67 KB 191ms
55ms Script
text/javascript 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 09:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67948
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 09:30:36 GMT

GET
H2

200

btCommon.js Show response
storage.pardot.com/870811/1670948981aKdLVlK8/
Redirect Chain

https://bit.ly/3IcPekd
https://connect.bakertilly.com/l/870811/2021-01-21/5rdcn1/870811/1638473609JQL8V7Pw/btCommon.js
https://storage.pardot.com/870811/1670948981aKdLVlK8/btCommon.js

4 KB
4 KB

44ms
43ms

Script
text/javascript

2600:9000:223d:7c00:d:7e9b:1200:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.pardot.com/870811/1670948981aKdLVlK8/btCommon.js
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623
Protocol: H2
Server: 2600:9000:223d:7c00:d:7e9b:1200:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbec195410c0786a7fb940d9eed5bf918e44e570c1bcd84abcce6f7c1fb9f4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 14:05:41 GMT
x-amz-version-id: e8a5eQEKueknN3FQLS8nb4SX_A0Xds8e
via: 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
last-modified: Tue, 13 Dec 2022 16:29:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 16325
etag: "64060d4bace9eefb582d45da36fd47fb"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 3777
x-amz-cf-id: 00sm3JkPTy-qX0mLxPpIA8mqDm50hne31nNOcmkjDKFdQ2M134ASTw==

Redirect headers

Date: Wed, 01 Feb 2023 18:37:45 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/870811/1670948981aKdLVlK8/btCommon.js
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 137
expires: Wed, 01 Feb 2023 18:47:45 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
833 B 211ms
76ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Sora:wght@300;400;500;600;700;800&display=swap

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e4ef99653f86b716cfa8a91b47c4a573e1108ae4ea6bde77db90a3eb0271575

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Feb 2023 18:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 18:31:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Feb 2023 18:37:45 GMT

GET
H2

200

BT_pdotlp_2022.css
storage.pardot.com/870811/1670948300Hzjlbtvp/
Redirect Chain

https://connect.bakertilly.com/btpdotlp2022
https://storage.pardot.com/870811/1670948300Hzjlbtvp/BT_pdotlp_2022.css

7 KB
7 KB

215ms
42ms

Stylesheet
text/css

2600:9000:223d:7c00:d:7e9b:1200:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.pardot.com/870811/1670948300Hzjlbtvp/BT_pdotlp_2022.css
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623
Protocol: H2
Server: 2600:9000:223d:7c00:d:7e9b:1200:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cbc237cabbae1bfa0abc33951828b16f0c1f1078138460046d8d4affc34a23b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 01:56:51 GMT
x-amz-version-id: 2danJM0is1kZlkibtJLq8SI7U.iecVUd
via: 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
last-modified: Tue, 13 Dec 2022 16:18:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 60055
etag: "2863ec80bf2c979afd9bf7f0de52f15b"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 7079
x-amz-cf-id: ft2-q1Yc0kw5U7Ws9Sg2VvCMmBrWBLSu1qpjUXw4X2JoAFa6UQCzmA==

Redirect headers

Date: Wed, 01 Feb 2023 18:37:45 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/870811/1670948300Hzjlbtvp/BT_pdotlp_2022.css
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 145
expires: Wed, 01 Feb 2023 18:47:45 GMT

GET
H2

200

BT_pdotpref_2022.css
storage.pardot.com/870811/1662482867nzBScwKo/
Redirect Chain

https://connect.bakertilly.com/btpdotpc2022
https://storage.pardot.com/870811/1662482867nzBScwKo/BT_pdotpref_2022.css

4 KB
4 KB

49ms
46ms

Stylesheet
text/css

2600:9000:223d:7c00:d:7e9b:1200:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.pardot.com/870811/1662482867nzBScwKo/BT_pdotpref_2022.css
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623
Protocol: H2
Server: 2600:9000:223d:7c00:d:7e9b:1200:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b66732691276b293c7f7dd6185e5abe7655837b8b233d258b189a9167f5e0cc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 15:12:06 GMT
x-amz-version-id: q3LUqorkxgT0BlHkAgN.h9UL7O5j2fPs
via: 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 16:47:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 12340
etag: "56ee443ac48baa7ff3926e41dbae7596"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 3884
x-amz-cf-id: dMfFEJFe4FFNVOgzrztEx2TuhQgwzlL8ihA9euI6joWlKkuvCHiKTg==

Redirect headers

Date: Wed, 01 Feb 2023 18:37:45 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/870811/1662482867nzBScwKo/BT_pdotpref_2022.css
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
x-pardot-canary: true
Content-Length: 144
expires: Wed, 01 Feb 2023 18:47:45 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 197 KB
44 KB 143ms
45ms Script
text/javascript 13.32.99.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-22.fra60.r.cloudfront.net

Software

Resource Hash

4c762350bf5dcf159a3adfddb1c33d90a8d85daaf7c5de9ea82b5fd201dd2d5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:29:00 GMT
content-encoding: gzip
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 526
etag: W/"31224-Gf78CYYYtb3Uvr+/+bTpOi3PB9M"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: CFq9exeTupOVnfbyQP8tswPJWhtQ1xnBwwWQUePe3dNgHMjNtr8I5Q==

GET
H2

200

css_versioning.js Show response
storage.pardot.com/870811/139427/
Redirect Chain

https://connect.bakertilly.com/l/870811/2020-06-18/5psfgd/870811/139427/css_versioning.js
https://storage.pardot.com/870811/139427/css_versioning.js

399 B
813 B

43ms
43ms

Script
text/javascript

2600:9000:223d:7c00:d:7e9b:1200:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.pardot.com/870811/139427/css_versioning.js
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623
Protocol: H2
Server: 2600:9000:223d:7c00:d:7e9b:1200:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2409f05808bdd1c2565f5ab75e7b4eaa685866da67667b91529869d4fdf5735a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 14:05:41 GMT
x-amz-version-id: ZO5JWGXwHSUhT1fRByLyGNhiyzb7gmEt
via: 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jun 2020 15:21:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 16325
etag: "a86bc583417af9bb48b1b5cb52a56ca9"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 399
x-amz-cf-id: LZH7AV8xb5gFa9iJfjSTWSsUmNU-1Ks74PeDW2dbC12rIrPM3mWOcA==

Redirect headers

Date: Wed, 01 Feb 2023 18:37:45 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/870811/139427/css_versioning.js
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 128
expires: Wed, 01 Feb 2023 18:47:45 GMT

GET
H2

200

bt_logo_w_150.png
storage.pardot.com/870811/1659977712lzvRWHuE/
Redirect Chain

https://connect.bakertilly.com/btlogo2022
https://storage.pardot.com/870811/1659977712lzvRWHuE/bt_logo_w_150.png

5 KB
5 KB

52ms
52ms

Image
image/png

2600:9000:223d:7c00:d:7e9b:1200:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/870811/1659977712lzvRWHuE/bt_logo_w_150.png
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623
Protocol: H2
Server: 2600:9000:223d:7c00:d:7e9b:1200:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4de07af92a9e2e72fd6a9331056f3dbbc37994a55b950a2fbc9ff56e76c0da23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 14:05:42 GMT
x-amz-version-id: mQo8HDMZ80uMwdk82OnaQm_nCgXXcPzg
via: 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
last-modified: Mon, 08 Aug 2022 16:55:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 16325
etag: "58b309da53af01c84ea5abd3d3e0a864"
x-cache: Hit from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 4709
x-amz-cf-id: jcD01HPqsgSfSo_UY4jfVwQ5XEUFMjegelxR7ss_YGekg7aYXYRY3A==

Redirect headers

Date: Wed, 01 Feb 2023 18:37:46 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/870811/1659977712lzvRWHuE/bt_logo_w_150.png
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 146
expires: Wed, 01 Feb 2023 18:47:46 GMT

GET
H2

200

footer_forbes_logo_gray.png
storage.pardot.com/870811/1660076998DPVsTVQ7/
Redirect Chain

https://connect.bakertilly.com/l/870811/2022-08-09/5x5sxv/870811/1660076998DPVsTVQ7/footer_forbes_logo_gray.png
https://storage.pardot.com/870811/1660076998DPVsTVQ7/footer_forbes_logo_gray.png

9 KB
10 KB

47ms
47ms

Image
image/png

2600:9000:223d:7c00:d:7e9b:1200:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/870811/1660076998DPVsTVQ7/footer_forbes_logo_gray.png
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623
Protocol: H2
Server: 2600:9000:223d:7c00:d:7e9b:1200:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 831e90e4c55e6a57fbd416f77c291ec58db4d5dd820a6daa1f897e6a68a69607

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 14:05:42 GMT
x-amz-version-id: XMfum2W6FlJ1GmxeMeGDq981ISidvGTF
via: 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
last-modified: Tue, 09 Aug 2022 20:29:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 16325
etag: "984196af6653ccab0b6fe2433118c657"
x-cache: Hit from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 9591
x-amz-cf-id: HWQGHm7IqDRxTVDoL0Y_JvwKP2ov7NRn40Xljcls0N6rG46n7YgbwQ==

Redirect headers

Date: Wed, 01 Feb 2023 18:37:46 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/870811/1660076998DPVsTVQ7/footer_forbes_logo_gray.png
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 150
expires: Wed, 01 Feb 2023 18:47:46 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 77 KB
23 KB 52ms
51ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://connect.bakertilly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:37:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 46177
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19144-FRA, cache-yyz4559-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7IogXGJ9P8FYhHyNRxyx5peNoWQlEt4P%2FJp%2BSd5svR03%2BYzmrLkl6pVEqpeZcJkKe2ju7HH1KVAdNpjCqQqHevHFMAkrdDV%2BG3xv2Kf2AL66pY7HbTWC1aNtou5Q20QXikkpRS76ckVWdClhz4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 792cccda4a303730-FRA

GET
H2 200 identifyEmail.latest.js Show response
cdn.calibermind.com/js/ 838 B
1 KB 136ms
48ms Script
application/javascript 2606:4700:3037::6815:2d74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.calibermind.com/js/identifyEmail.latest.js

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:2d74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda851ced6071adcde40501c1c09e21fd48be1594567337f82711a6371b9779c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:37:46 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 24562
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Nov 2022 16:30:56 GMT
server: cloudflare
etag: W/"63726d40-346"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rk5yj4J44MI%2FO3DzrrfpHI9i83fV3SO4pu9yoUYFHfJPBT%2B%2BOILYWEDIsTgJ7uad%2FWYVGkLZAHbRt8dYr%2BiuLMEcLOxpCwIV%2BJiCaDJzJA2a%2B72mhxhqJ2qXqEhVZ6qj3%2FC05bo1DVqZKajT8ScwNRL2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400, stale-if-error=3600
cf-ray: 792cccdadc69691b-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 214 KB
70 KB 212ms
84ms Script
application/javascript 2a00:1450:400d:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-54NKV2

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f48944a39f80e72007e095ed416bbdb3f39c6f222b47787745027c20acf58558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:37:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71010
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Feb 2023 18:37:46 GMT

GET bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 0
0

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
24 KB 57ms
53ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css?v=1675276665952

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/l/870811/2020-06-18/5psfgd/870811/139427/css_versioning.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://connect.bakertilly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:37:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size: 22977
age: 46173
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19122-FRA, cache-yyz4533-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcE6OCeMW1b3N%2F3MKmMV0Kd7ZmHbD%2FjG4Rf1HdvUjqcKxsv6cqLNPz%2BvubJzmx1qskXvCugqyFHQO7YmYyNWv7mR3ZSr5U8%2FcimeQRsCN3Gp0ZdIgcImpIurXISz%2FaR7UCjQVz5wam1Vh1MuMPI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 792cccda5a403730-FRA

GET css2
fonts.googleapis.com/ 0
0

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
497 B 78ms
74ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Sora:wght@300;400;500;600;700;800&display=swap&v=1675276665952

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/l/870811/2020-06-18/5psfgd/870811/139427/css_versioning.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e4ef99653f86b716cfa8a91b47c4a573e1108ae4ea6bde77db90a3eb0271575

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Feb 2023 18:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 18:33:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Feb 2023 18:37:45 GMT

GET btpdotlp2022
connect.bakertilly.com/ 0
0

GET
H2

200

BT_pdotlp_2022.css
storage.pardot.com/870811/1670948300Hzjlbtvp/
Redirect Chain

https://connect.bakertilly.com/btpdotlp2022?v=1675276665953
https://storage.pardot.com/870811/1670948300Hzjlbtvp/BT_pdotlp_2022.css

7 KB
7 KB

43ms
43ms

Stylesheet
text/css

2600:9000:223d:7c00:d:7e9b:1200:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.pardot.com/870811/1670948300Hzjlbtvp/BT_pdotlp_2022.css
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623
Protocol: H2
Server: 2600:9000:223d:7c00:d:7e9b:1200:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cbc237cabbae1bfa0abc33951828b16f0c1f1078138460046d8d4affc34a23b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 01:56:51 GMT
x-amz-version-id: 2danJM0is1kZlkibtJLq8SI7U.iecVUd
via: 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
last-modified: Tue, 13 Dec 2022 16:18:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 60056
etag: "2863ec80bf2c979afd9bf7f0de52f15b"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 7079
x-amz-cf-id: Rzc03aqLF6tSpXzzzEYfnJCcHacVsvCu2ZMRef86CN8OnO8RX2przQ==

Redirect headers

Date: Wed, 01 Feb 2023 18:37:46 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/870811/1670948300Hzjlbtvp/BT_pdotlp_2022.css
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 145
expires: Wed, 01 Feb 2023 18:47:46 GMT

GET btpdotpc2022
connect.bakertilly.com/ 0
0

GET
H2

200

BT_pdotpref_2022.css
storage.pardot.com/870811/1662482867nzBScwKo/
Redirect Chain

https://connect.bakertilly.com/btpdotpc2022?v=1675276665953
https://storage.pardot.com/870811/1662482867nzBScwKo/BT_pdotpref_2022.css

4 KB
4 KB

41ms
41ms

Stylesheet
text/css

2600:9000:223d:7c00:d:7e9b:1200:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.pardot.com/870811/1662482867nzBScwKo/BT_pdotpref_2022.css
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623
Protocol: H2
Server: 2600:9000:223d:7c00:d:7e9b:1200:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b66732691276b293c7f7dd6185e5abe7655837b8b233d258b189a9167f5e0cc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 15:12:06 GMT
x-amz-version-id: q3LUqorkxgT0BlHkAgN.h9UL7O5j2fPs
via: 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 16:47:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 12341
etag: "56ee443ac48baa7ff3926e41dbae7596"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 3884
x-amz-cf-id: b-EDEG7lPWTxQcW61Tsvrqe8DSIYLEuPZk6Wn1j9pUyhSShI9wGrgg==

Redirect headers

Date: Wed, 01 Feb 2023 18:37:46 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/870811/1662482867nzBScwKo/BT_pdotpref_2022.css
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 144
expires: Wed, 01 Feb 2023 18:47:46 GMT

GET
H2 200 iNb8Rmk2rahx23826pQyx.js Show response
cdn.metarouter.io/a/v1/ 389 KB
87 KB 165ms
50ms Script
application/javascript 2600:9000:211e:7200:13:5e7f:45c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.metarouter.io/a/v1/iNb8Rmk2rahx23826pQyx.js
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7200:13:5e7f:45c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12bfc76815c9102e1d42e23830b022915b63a095f991f3349b2d06fe58c761f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:37:46 GMT
content-encoding: gzip
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
last-modified: Wed, 25 May 2022 19:55:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 94
etag: "27f5f4c8921203b61caf57c9ba38d058"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=120
accept-ranges: bytes
content-length: 88834
x-amz-cf-id: MAWI9Yn08xir3XuO2G5FDTAKlTmeiA0SwEWsiJz9rXx2Mp0LAK8cCw==

GET
H2 200 5cf14047d75d0900122bb959.js Show response
buttons-config.sharethis.com/js/ 730 B
1 KB 568ms
456ms Script
text/javascript 2600:9000:211a:2c00:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/5cf14047d75d0900122bb959.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:2c00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a6d4dbc34bb1eed122b44f46bddc1ce834b5b8e0c833c3d2d053312e1b3d5782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:37:47 GMT
via: 1.1 015d563c1df00e18321ce956266180b0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 02 Jun 2020 18:17:05 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
x-amz-server-side-encryption: AES256
etag: "2a147e526e8304daa62507d4db649512"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 730
x-amz-cf-id: KSy2MVwpjMvtQJjhzW2lgMv23o3O4QI15o5dRPdiS06rCbdTu11cUQ==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
409 B 182ms
41ms XHR
text/plain 52.29.227.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=connect.bakertilly.com&location=%2FlistUnsubscribeHeader%2Fu%2F870811%2Fb137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162%2F829643623&product=unknown&url=https%3A%2F%2Fconnect.bakertilly.com%2FlistUnsubscribeHeader%2Fu%2F870811%2Fb137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162%2F829643623&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=true&cms=unknown&publisher=5cf14047d75d0900122bb959&sop=true&version=st_sop.js&lang=en&description=%25%25description%25%25&ua=&ua_mobile=false&ua_full_version_list=

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.227.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-227-173.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 18:37:46 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://connect.bakertilly.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 xMQbuFFYT72XzQUpDg.woff2
fonts.gstatic.com/s/sora/v11/ 31 KB
32 KB 130ms
40ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sora/v11/xMQbuFFYT72XzQUpDg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Sora:wght@300;400;500;600;700;800&display=swap&v=1675276665952

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6ccea834c81e029b0185925ac24caf2878d3c9f3d0cd8d79e7f73729970918b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.bakertilly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 02:06:05 GMT
x-content-type-options: nosniff
age: 491501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32136
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 18:20:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 02:06:05 GMT

GET
H2

200

bg_footer_growth_symbol.png
storage.pardot.com/870811/1660068933OT5fpaKQ/
Redirect Chain

https://connect.bakertilly.com/footerbg
https://storage.pardot.com/870811/1660068933OT5fpaKQ/bg_footer_growth_symbol.png

16 KB
16 KB

48ms
48ms

Image
image/png

2600:9000:223d:7c00:d:7e9b:1200:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/870811/1660068933OT5fpaKQ/bg_footer_growth_symbol.png
Requested by: Host: storage.pardot.com
URL: https://storage.pardot.com/870811/1670948300Hzjlbtvp/BT_pdotlp_2022.css
Protocol: H2
Server: 2600:9000:223d:7c00:d:7e9b:1200:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eccbb88a8955a592ec36e36214b2326d30cd44855b1f4c4d54afda7a5f185e71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storage.pardot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 14:05:42 GMT
x-amz-version-id: w0MCi5zfRP5BJCNxJW_qi4UFBjvRa_yq
via: 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
last-modified: Tue, 09 Aug 2022 18:15:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 16325
etag: "546cf2b511d7ea20ea581d21052013e7"
x-cache: Hit from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-robots-tag: none
content-length: 15994
x-amz-cf-id: WRpuy6uQmbpJihDlm-xtgRW4vu6YpwKb_paTF6kW2vsnsugxURbECg==

Redirect headers

Date: Wed, 01 Feb 2023 18:37:46 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
Server: PardotServer
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location: https://storage.pardot.com/870811/1660068933OT5fpaKQ/bg_footer_growth_symbol.png
Content-Type: text/html; charset=UTF-8
cache-control: max-age=600
Connection: keep-alive
x-robots-tag: none
Content-Length: 150
expires: Wed, 01 Feb 2023 18:47:46 GMT

POST
H2 200 p Show response
e.metarouter.io/v1/ 16 B
265 B 143ms
143ms XHR
application/json 35.225.249.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://e.metarouter.io/v1/p

Requested by

Host: cdn.metarouter.io
URL: https://cdn.metarouter.io/a/v1/iNb8Rmk2rahx23826pQyx.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.225.249.69 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

69.249.225.35.bc.googleusercontent.com

Software

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 01 Feb 2023 18:37:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-max-age: 900
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization
content-length: 16
x-request-id: da991cf7-6ec5-4929-935b-aacb474ed6cd

OPTIONS
H2 204 p
e.metarouter.io/v1/ 0
0 441ms
143ms Preflight 35.225.249.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://e.metarouter.io/v1/p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.225.249.69 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

69.249.225.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://connect.bakertilly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Origin,Content-Length,Content-Type
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin: *
access-control-max-age: 43200
date: Wed, 01 Feb 2023 18:37:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 140ms
51ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NKV2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Feb 2023 16:54:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6176
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 01 Feb 2023 18:54:50 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 57 KB
19 KB 142ms
48ms Script
text/javascript 2600:9000:20eb:3600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NKV2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 628d6315130cd4de61ea584cd8dc091a22f3fe455afbf7228b43b99ca44db25e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id: NwsfeSQdu7qaTe6tGVib5bHAlZ1WnBa6
Content-Encoding: gzip
Via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Date: Wed, 01 Feb 2023 17:54:39 GMT
Age: 2590
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 14:43:35 GMT
Server: AmazonS3
Etag: W/"3980429e4470aea3a07be4951d0c262b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: eywU3P9KgVDae4iyTQfXBWDFU-RDaRTUM52j9R-krqE5ORG7-S7bpg==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 138ms
42ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=10449
accept-ranges: bytes
content-length: 4777

GET
H2 200 siteanalyze_35627.js Show response
siteimproveanalytics.com/js/ 42 KB
12 KB 144ms
52ms Script
application/javascript 2606:4700:e2::ac40:8e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_35627.js
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aecc14bc587513091db72537a892e0a3c21293d994eafcfbf491c1492dbce426

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:37:46 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6GGADWCEYAJQP90H
age: 7166
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11896
x-amz-id-2: 3VKC5XSjIwob/scX+XvqzFXllzmuJ6c/e4PdZqqd9BYv/26Wsrt1yZCL4TeN6coyxEuaaeNlwbk=
last-modified: Mon, 16 May 2022 09:18:05 GMT
server: cloudflare
etag: "5ee87e9da09b869f5814a2bfe344a9d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbk%2B0UKQOlZ9aA2pQrTTK8jycfVDizwtYAWjoRlsTnEDf3DQdvIoROOhKDFNjwdwkOD6prAHtodbD4jlkZrwFBkAwvRxjVOGD1XIfePop9BTA6eO1b%2BpAy50PZLc7%2BJfrcVDQDhyDAXZKpdmvnZi081LxkG7Nh4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 792cccdcff49365c-FRA

GET
H2 200 beacon.js Show response
analytics-sm.com/js/v1/ 2 KB
2 KB 190ms
46ms Script
application/javascript 13.224.189.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-sm.com/js/v1/beacon.js
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-30.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 133b0a1570d26f9e1beeecaeb4587a8f449c65bff8c87895cdd7e98879644ba6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:29:58 GMT
content-encoding: gzip
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified: Mon, 18 Nov 2019 20:56:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 471
etag: W/"ab9f4a2518b1913f8a45b16f69d1c7a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600, no-transform, public
x-amz-cf-id: HGDsE_hwPMCbNFPOQvMJSt8FLn3RMin9amT5FNddSedJWFd4o0eMBg==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/30525/domain/connect.bakertilly.com/ 36 B
376 B 150ms
41ms XHR
application/json 2600:9000:2204:e600:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/30525/domain/connect.bakertilly.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:e600:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:31:16 GMT
content-encoding: gzip
via: 1.1 dd133741afef09b02f3e6afd7cb39f40.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
age: 390
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: jk2HsqLcvLBokvwAavSyqVO2jCF-Ekri63ooQ7rVNok-A9LVL_0-1A==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1675276666434&url=https%3A%2F%2Fconnect.bakertilly.com%2FlistUnsubscribeHeader%2Fu%2F870811%2Fb137cea7f765a10458ae3f3a4bc00ea421fbcfdc9...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1675276666434&url=https%3A%2F%2Fconnect.bakertilly.com%2FlistUnsubscribeHeader%2Fu%2F870811%2Fb137cea7f765a10458ae3f3a4bc00ea421fbcfdc...

0
263 B

311ms
194ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1675276666434&url=https%3A%2F%2Fconnect.bakertilly.com%2FlistUnsubscribeHeader%2Fu%2F870811%2Fb137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162%2F829643623&e_ipv6=AQK0uAuHq-MoBgAAAYYORUcKbt5-Tp4H7tg97YLg6l0oGRKeyKb3A9Q02i3OVPSs1DU6J4A
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:37:47 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 5A538A03124C4DA78233209184B11142 Ref B: FRAEDGE1210 Ref C: 2023-02-01T18:37:46Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzp76h/7VpLTJmRTzs7g==

Redirect headers

date: Wed, 01 Feb 2023 18:37:45 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: A867616348584D439D0AFCBDD2A7FB2F Ref B: FRAEDGE1506 Ref C: 2023-02-01T18:37:46Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=30525&time=1675276666434&url=https%3A%2F%2Fconnect.bakertilly.com%2FlistUnsubscribeHeader%2Fu%2F870811%2Fb137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162%2F829643623&e_ipv6=AQK0uAuHq-MoBgAAAYYORUcKbt5-Tp4H7tg97YLg6l0oGRKeyKb3A9Q02i3OVPSs1DU6J4A
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzp76dZr4LnEB9Mu20nQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
214 B 47ms
47ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1438527637&t=pageview&_s=1&dl=https%3A%2F%2Fconnect.bakertilly.com%2FlistUnsubscribeHeader%2Fu%2F870811%2Fb137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162%2F829643623&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=630266865&gjid=1587342685&cid=445164606.1675276666&tid=UA-9130791-1&_gid=70487710.1675276666&_r=1&_slc=1&gtm=2wg1u054NKV2&z=967424515

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 18:37:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://connect.bakertilly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/ZIA6BVWR65BBXJT4LUM5OD/index.js
https://s.adroll.com/j/exp/index.js

28 B
784 B

82ms
45ms

Script
application/javascript

2600:9000:20eb:3600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623
Protocol: HTTP/1.1
Server: 2600:9000:20eb:3600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id: CiD7z5Qr2ECIL.Zbw84rFXTGVfvZ9kAA
Date: Wed, 01 Feb 2023 01:50:05 GMT
Via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
Age: 60462
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Thu, 01 Dec 2022 00:29:34 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: i3vUEo1WbUXhqZgESIitDmrFP2xSf6LfmTd2czgqt1Tmjl5LLvB-Ag==

Redirect headers

Date: Wed, 01 Feb 2023 04:40:17 GMT
Via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Age: 50249
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 50FmmJJP41PMKlnUgsIZu7RFz3cI6mKWaEHYCs6avOnxYrIgIY6axg==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/ZIA6BVWR65BBXJT4LUM5OD/M2D4OQML3VET7J34M5WQS5/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
755 B

45ms
44ms

Script
application/javascript

2600:9000:20eb:3600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623
Protocol: HTTP/1.1
Server: 2600:9000:20eb:3600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Wed, 01 Feb 2023 09:07:43 GMT
Via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Age: 34246
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 4cEHTxHRS6cJMYBUj7ybw8c5aw1SuDoQE3AZfbqhvYDV9F4mtOJuBw==

Redirect headers

Date: Wed, 01 Feb 2023 05:09:21 GMT
Via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Age: 48504
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: xloL4E-ctEk-qkAPHmkasjv4Wuyuumce6NTuAS6wxxQjadWFsu26QA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/ZIA6BVWR65BBXJT4LUM5OD/M2D4OQML3VET7J34M5WQS5/ 4 KB
3 KB 128ms
44ms Script
text/javascript 2600:9000:20eb:3600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/ZIA6BVWR65BBXJT4LUM5OD/M2D4OQML3VET7J34M5WQS5/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0cb0a48c76b0f668105a76c39481285b24b12dadca2090687a984f7210688025

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id: NyGT.B1Eh0CoWAEOce2X4tE3_5qGXtsH
Content-Encoding: gzip
Via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
Date: Wed, 01 Feb 2023 18:32:42 GMT
Age: 1214
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 15:04:07 GMT
Server: AmazonS3
Etag: W/"a7bb70ece1e3f0f3879dcfca4857a770"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: FiJkXjeK7R_P-1TCSyamV_QhSbwNSBInUdGNlpzY05NWVDybobnYiw==

GET
H2 200 /
analytics-sm.com/ 68 B
386 B 40ms
40ms Image
image/png 13.224.189.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics-sm.com/?bid=10a28e2c-7096-450e-bdb9-2a977d6102b6&smuid=1675277342316&bt=1675276666482&url=https%3A%2F%2Fconnect.bakertilly.com%2FlistUnsubscribeHeader%2Fu%2F870811%2Fb137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162%2F829643623&url_path=%2FlistUnsubscribeHeader%2Fu%2F870811%2Fb137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162%2F829643623
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-30.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:12:29 GMT
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified: Mon, 15 Oct 2018 15:03:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 5059518
etag: "e679fbd466a2d656f194a5da4fa083cd"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache
content-length: 68
x-amz-cf-id: 4Ga1XWW2sau-wDUfiIJ1esVTNTV0QFRwHsXtZySHiEQOvOx4dJEh4Q==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
354 B 146ms
48ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-9130791-1&cid=445164606.1675276666&jid=630266865&gjid=1587342685&_gid=70487710.1675276666&_u=YEBAAEAAAAAAACAAI~&z=752081327

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 01 Feb 2023 18:37:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://connect.bakertilly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 image.aspx
35627.global.siteimproveanalytics.io/ 34 B
479 B 189ms
42ms Image
image/gif 18.197.172.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://35627.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fconnect.bakertilly.com%2FlistUnsubscribeHeader%2Fu%2F870811%2Fb137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162%2F829643623&res=1600x1200&accountid=35627&rt=1871&prev=83e8ca4a-ad89-00b5-a13c-d9d1878b5f47&luid=00180d5e-6745-c898-8448-af0eba000053&rnd=21853
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.172.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-172-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 01 Feb 2023 18:37:46 GMT
cache-control: max-age=0
content-length: 34
expires: Wed, 01 Feb 2023 18:37:46 UTC

GET
H2 200 ZIA6BVWR65BBXJT4LUM5OD Show response
d.adroll.com/consent/check/ 453 B
546 B 176ms
58ms Script
application/javascript 2a05:d018:cc3:fe04:cece:1b07:77bd:8fc3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/ZIA6BVWR65BBXJT4LUM5OD?pv=35143159491.35929&arrfrr=https%3A%2F%2Fconnect.bakertilly.com%2FlistUnsubscribeHeader%2Fu%2F870811%2Fb137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162%2F829643623&_s=5cbcdc876f47fd301492963359b5dd83&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:cece:1b07:77bd:8fc3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: b67d146cf21105c63d6050a1d58ea6f2386749793b8b5c935bafc11904bd08de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:37:46 GMT
server: nginx/1.22.1
content-length: 453
content-type: application/javascript

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 175ms
85ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9130791-1&cid=445164606.1675276666&jid=630266865&_u=YEBAAEAAAAAAACAAI~&z=297045448

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 18:37:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 217ms
90ms Image
image/gif 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9130791-1&cid=445164606.1675276666&jid=630266865&_u=YEBAAEAAAAAAACAAI~&z=297045448

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 18:37:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 410 KB
55 KB 46ms
46ms Script
application/javascript 2600:9000:20eb:3600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id: 44sIT20LqRj70wQHqyIoOw7etYYdjkbK
Content-Encoding: gzip
Via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Date: Wed, 01 Feb 2023 18:35:22 GMT
Age: 146
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 19:41:48 GMT
Server: AmazonS3
Etag: W/"0a7d0ea8d7d31b07e925fe340acf431b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: U1HMAZks-D12bA6oNSA-3LiR-yigFdfpVgA6A7rLRqckkdewQLnOWw==

GET
H2 200 QonfzDSV1HDHlAyTp6g3 Show response
ws.zoominfo.com/pixel/ 0
612 B 266ms
182ms Script
text/plain 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/QonfzDSV1HDHlAyTp6g3

Requested by

Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:37:47 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 792ccce03ea1690d-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 52ms
52ms Image
image/png 2600:9000:20eb:3600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: connect.bakertilly.com
URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Tue, 31 Jan 2023 18:50:49 GMT
Via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Age: 85629
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: rynxaYzmHft5KBYs_9D8bHAKIR7GB1rsVWaToaiezMI0Vqo5Zc1vow==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css?

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Sora:wght@300;400;500;600;700;800&display=swap&

Domain: connect.bakertilly.com
URL: https://connect.bakertilly.com/btpdotlp2022?

Domain: connect.bakertilly.com
URL: https://connect.bakertilly.com/btpdotpc2022?

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bakertilly.com/	1970-01-20 18:06:52	Name: ajs_anonymous_id Value: %222ca5d0a0-b667-4114-8d7a-84eaf4848fd3%22
.bakertilly.com/	1970-01-20 11:30:52	Name: _gcl_au Value: 1.1.1229389344.1675276666
.bakertilly.com/	1970-01-20 18:57:16	Name: _ga Value: GA1.2.445164606.1675276666
.bakertilly.com/	1970-01-20 09:22:43	Name: _gid Value: GA1.2.70487710.1675276666
.bakertilly.com/	1970-01-20 09:21:16	Name: _gat_UA-9130791-1 Value: 1
.bakertilly.com/	1970-01-20 18:57:16	Name: sm_uuid Value: 1675277342316
.bakertilly.com/	1970-01-20 18:57:16	Name: nmstat Value: 83e8ca4a-ad89-00b5-a13c-d9d1878b5f47
connect.bakertilly.com/	1970-01-20 09:22:43	Name: ln_or Value: eyIzMDUyNSI6ImQifQ%3D%3D
35627.global.siteimproveanalytics.io/	1970-01-20 09:31:21	Name: AWSALBCORS Value: TYqPc3KHbSkAsDAcPQs71s7I5mdSixQU9NyuwvptOlXXqq+2LPvIIS0dnbA5O0XSH4AOlC7v7Tyr+OcGPJYCktm+afknRULh0CRULl7ZuZesVIsykmYX2PnOLc+a
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:06:52	Name: bcookie Value: "v=2&5c676cf7-6f9c-443e-81cf-bc78e468fd45"
.linkedin.com/	1970-01-20 13:40:28	Name: li_gc Value: MTswOzE2NzUyNzY2NjY7MjswMjEH4KhnphyxGZ3HB4gQuQX8SvYDnV7/gEH95JWhJVKs/g==
.linkedin.com/	1970-01-20 09:22:43	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2453:u=1:x=1:i=1675276666:t=1675363066:v=2:sig=AQEYLJ6Fh6vPAq9w9z0kF8IJrnl4ETXD"
.zoominfo.com/	1970-01-20 09:21:18	Name: __cf_bm Value: aaMQAij4vuMAkKxcBoYkSwGzQiya1douvQnbH_pH2wU-1675276667-0-AWntLurTOSXhXawocgMKb9FEO/ez/eUSgqeJyOXhfwJzpSYYoajUgpAlnav/plfiGmiiJLFp7Fe1uMr5ghh2gDM=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: CegASCMFV5.axX_YMSLq2dyzMrVq5sfUs3.R1o0U55M-1675276667060-0-604800000

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://connect.bakertilly.com/listUnsubscribeHeader/u/870811/b137cea7f765a10458ae3f3a4bc00ea421fbcfdc93fa371fc84da6adc04d1162/829643623 Message: Refused to execute script from 'https://ws.zoominfo.com/pixel/QonfzDSV1HDHlAyTp6g3' because its MIME type ('') is not executable, and strict MIME type checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

35627.global.siteimproveanalytics.io
ajax.googleapis.com
analytics-sm.com
bit.ly
buttons-config.sharethis.com
cdn.calibermind.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.metarouter.io
connect.bakertilly.com
d.adroll.com
e.metarouter.io
fonts.googleapis.com
fonts.gstatic.com
l.sharethis.com
platform-api.sharethis.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.adroll.com
siteimproveanalytics.com
snap.licdn.com
stats.g.doubleclick.net
storage.pardot.com
ws.zoominfo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
cdn.jsdelivr.net
connect.bakertilly.com
fonts.googleapis.com
13.107.42.14
13.224.189.30
13.32.99.22
18.197.172.107
2600:9000:20eb:3600:6:9280:1080:93a1
2600:9000:211a:2c00:c:abe:f440:93a1
2600:9000:211e:7200:13:5e7f:45c0:93a1
2600:9000:2204:e600:2:53b2:240:93a1
2600:9000:223d:7c00:d:7e9b:1200:93a1
2606:4700:3037::6815:2d74
2606:4700::6810:5714
2606:4700::6810:650c
2606:4700:e2::ac40:8e22
2620:1ec:21::14
2a00:1450:4001:813::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9d
2a00:1450:400d:803::2003
2a00:1450:400d:805::200a
2a00:1450:400d:808::2008
2a00:1450:400d:80c::200a
2a02:26f0:3500:16::215:14a0
2a05:d018:cc3:fe04:cece:1b07:77bd:8fc3
34.237.219.119
35.225.249.69
52.29.227.173
67.199.248.10
0cb0a48c76b0f668105a76c39481285b24b12dadca2090687a984f7210688025
12bfc76815c9102e1d42e23830b022915b63a095f991f3349b2d06fe58c761f8
133b0a1570d26f9e1beeecaeb4587a8f449c65bff8c87895cdd7e98879644ba6
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
2409f05808bdd1c2565f5ab75e7b4eaa685866da67667b91529869d4fdf5735a
4c762350bf5dcf159a3adfddb1c33d90a8d85daaf7c5de9ea82b5fd201dd2d5b
4de07af92a9e2e72fd6a9331056f3dbbc37994a55b950a2fbc9ff56e76c0da23
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
628d6315130cd4de61ea584cd8dc091a22f3fe455afbf7228b43b99ca44db25e
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
7e4ef99653f86b716cfa8a91b47c4a573e1108ae4ea6bde77db90a3eb0271575
831e90e4c55e6a57fbd416f77c291ec58db4d5dd820a6daa1f897e6a68a69607
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b
a6d4dbc34bb1eed122b44f46bddc1ce834b5b8e0c833c3d2d053312e1b3d5782
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aecc14bc587513091db72537a892e0a3c21293d994eafcfbf491c1492dbce426
b66732691276b293c7f7dd6185e5abe7655837b8b233d258b189a9167f5e0cc6
b67d146cf21105c63d6050a1d58ea6f2386749793b8b5c935bafc11904bd08de
b6ccea834c81e029b0185925ac24caf2878d3c9f3d0cd8d79e7f73729970918b
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
c66cff9be72723425aa7ba3b5b8c80b38401ddc48529701322c80fddef775133
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cbc237cabbae1bfa0abc33951828b16f0c1f1078138460046d8d4affc34a23b2
cda851ced6071adcde40501c1c09e21fd48be1594567337f82711a6371b9779c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eccbb88a8955a592ec36e36214b2326d30cd44855b1f4c4d54afda7a5f185e71
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f48944a39f80e72007e095ed416bbdb3f39c6f222b47787745027c20acf58558
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fbec195410c0786a7fb940d9eed5bf918e44e570c1bcd84abcce6f7c1fb9f4e1

connect.bakertilly.com Open in urlscan Pro 34.237.219.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

68 %HTTPS

71 %IPv6

22 Domains

28 Subdomains

27 IPs

4 Countries

595 kBTransfer

2211 kBSize

15 Cookies

18 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

connect.bakertilly.com Open in urlscan Pro
34.237.219.119 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

68 %
HTTPS

71 %
IPv6

22
Domains

28
Subdomains

27
IPs

4
Countries

595 kB
Transfer

2211 kB
Size

15
Cookies

50 HTTP transactions
0 data transactions